Welcome to MSDN Blogs Sign in | Join | Help

XMLHttp : Step 1

 

What is XMLHttpRequest?

 - It is an API that is used by JavaScript and some other scripting languages to transfer data (XML/plain text) "to-and-from" a web server over HTTP.
 - You can make a call from an html page also. In the following example we are not using any aspx page. Its plain simple htm with javascript.
 - The point to note is: XMLHttpRequest is used by client side scripting engines to call server side methods. Your client needs to be capable enough to handle responses delivered by the request.
 - The communication between client and server happens over a separate channel, and its the underlying concept behind AJAX.
 - Practically, this simply means that you don't have to refresh the page in order to get "some" data. You are performing a partial page update.
 - In Internet Explorer 6 and earlier, XMLHTTP was implemented as an ActiveX object provided by Microsoft XML (MSXML). Beginning with Internet Explorer 7, XMLHTTP is also exposed as a native scripting object.
 - Internet Explorer 7 still supports the legacy implementation of XMLHTTP alongside the new native object, so pages currently using the ActiveX control do not need to be rewritten. However, it is much more efficient to create the native scriptable object than an ActiveX object. This is especially beneficial to those AJAX applications that create a new XMLHTTP object for each request.
 - In the following example we are not calling any server side code that implements business logic, instead we are fetching the text response from http://www.microsoft.com. We will discuss how to consume Webservices directly from a browser with XMLHttpRequest without using AJAX.

What options can we use to instantiate an XMLHttpRequest object?
 - There are chances that XMLHttp may be disabled on a domain level. We need to take this into account.
if(window.XMLHttpRequest) returns false
> Its disabled! but we can use "var xmlRequest = new ActiveXObject('MSXML2.XMLHTTP.3.0');" to instantiate
> You are not using IE 7, so you need to use: var xmlRequest = new ActiveXObject('MSXML2.XMLHTTP.3.0');

Prior to IE 7 you required the following to use XMLHttp:
var xmlRequest = new ActiveXObject("Microsoft.XMLHTTP");

However with IE 7 you can use the following pice of code:
var xmlRequest = new XMLHttpRequest();

<script language="javascript">

var xmlRequest = new ActiveXObject("Microsoft.XMLHTTP");

function OnComplete(){
    var spn = document.getElementById("spn");
    switch(xmlRequest.readyState){
    case 1:
        spn.innerHTML = "connection opened.";
        break;
    case 2:
        spn.innerHTML += "<br>GET request sent.";
        break;
    case 3:
        spn.innerHTML += "<br>recieving data...<br>";
        break;
    case 4:
        spn.innerHTML += xmlRequest.responseText;
     alert("Length of response = " + xmlRequest.responseText.length);    
     spn.innerHTML += "complete.";
        break;
    }
}

function hell(){
    xmlRequest.onreadystatechange = OnComplete;
    xmlRequest.open("GET", "http://www.microsoft.com", true);
    try{
     alert("about to send");
     xmlRequest.send();
     }
    catch(e){
     alert(e.message);
        }
}
</script>

<html>
<body>
    <input id="btn" value="invoke" type="button" onclick="hell();" />
    <br>
    <span id="spn" />
</body>
</html>

XMLHttpRequest Object
http://msdn.microsoft.com/library/default.asp?url=/workshop/author/dhtml/reference/objects/obj_xmlhttprequest.asp

Published Wednesday, April 11, 2007 7:32 AM by Sanjeet
Filed under: ,

Comment Notification

If you would like to receive an email when updates are made to this post, please register here

Subscribe to this post's comments using RSS

Comments

# re: XMLHttp : Step 1

Sanjeet,

Why does IE allow cross domain requests from the XmlHttpRequest object?

I have access datasources across domains set to "disable" in IE7.

Isn't that a security issue?

Firefox prevents cross domain access.

Thanks.

Thursday, April 12, 2007 8:59 PM by Ron

# re: XMLHttp : Step 1

I have a similar question...can you please reply back with details

Friday, April 13, 2007 10:20 PM by Saurabh Singh

# re: XMLHttp : Step 1

Refer to the article:

http://msdn.microsoft.com/library/default.asp?url=/workshop/author/dhtml/overview/aboutxmlhttp.asp

It says:

Before any XMLHTTP request is sent, the URL of the hosting page is compared to the URL in the open method to determine if they are in the same domain. If not, the request is handled according to the policy of the security zone in which the request originates. The native XMLHTTP object uses logic inherited from MSXML-XMLHTTP to determine how to handle cross-domain data requests based on the following rules:

   * Cross-domain requests are allowed within the same zone if the Internet Explorer security manager has allowed "Access data sources across domains" (URLACTION_CROSS_DOMAIN_DATA) either implicitly or by prompting the user.

   * If the request is from a more trusted security zone to a less trusted one, the security settings of the originating zone apply. (The zones, in order of trust, are as follows: Local Machine, Trusted Sites, Local Intranet, Internet.)

   * All cross-domain requests to or within the Restricted Sites zone are disallowed, regardless of selected security zone policy.

In Internet Explorer 7, the default settings for cross-domain data access have been set to "deny" for all security zones. Site developers may find it useful to allow cross-site domain access for the Trusted Sites zone and add sites as needed to this zone to test software under development. However, this architecture is intended only as a temporary workaround, and is not recommended for fully developed software.

Wednesday, April 18, 2007 11:09 AM by Sanjeet

# AJAX in a nutshell : It can't get any simpler folks

1. Ajax basics - "Asynchronous JavaScript and XML," is a web development technique for creating interactive

Sunday, September 02, 2007 9:02 AM by Picture This

Leave a Comment

(required) 
required 
(required) 

  
Enter Code Here: Required
 
Page view tracker